| View previous topic :: View next topic |
| Author |
Message |
Furtim
n00b
Joined: 01 Dec 2002
Posts: 65
|
 Posted: Sun Dec 01, 2002 7:11 pm Post subject: |
 |
|
what device is the internet on ?
Try -
disable hostonly network |
|
| Back to top |
|
 |
waverider202
Tux's lil' helper
Joined: 25 Sep 2002
Posts: 146
Location: Drexel University
|
| Posted: Mon Dec 02, 2002 3:09 am Post subject: blocked ports |
|
|
when blocking ports, did you tell it to block those ports only on eth0, cause that makes a difference
_________________
 |
|
| Back to top |
|
|
Lockup
Guru
Joined: 25 Jul 2002
Posts: 430
|
| Posted: Mon Dec 02, 2002 3:41 pm Post subject: |
|
|
well, to make things simpler, heres the whole script heh...if im missing any rules or something please tell me...i know its a bit big but its just a basic setup that ill base myself on to make it a bit more advanced later, when i get this [...] vmware networking up
now just to make sure...is there anything else to setup on the linux box except the rules?
| Code: |
#!/bin/sh
###############################################
# Configuration:
###############################################
# Internet Connection Configuration
INET_IFACE="eth0"
INET_IP="`/sbin/ifconfig eth0 | /bin/grep 'inet addr' | awk '{print $2}' | sed -e 's/.*://'`"
echo ${INET_IP} > /etc/inet_ip
# LAN Configuration
LAN_IFACE="eth0"
LAN_IP="192.168.0.1"
LAN_IP_RANGE="192.168.0.0/24"
LAN_BCAST_ADDR="192.168.0.255"
# Localhost Configuration
LO_IFACE="lo"
LO_IP="127.0.0.1"
# IPTables Configuration
IPT="/sbin/iptables"
BLOCK_BAD_PORTS="yes"
echo "Loading iptables firewall:"
###########################################################################
# /proc Configuration ####################################################
###########################################################################
# IP Forwarding
echo -n "Checking IP Forwarding..."
if [ -e /proc/sys/net/ipv4/ip_forward ] ; then
echo 1 > /proc/sys/net/ipv4/ip_forward
echo "enabled."
else
echo "Support not found. (this will probably cause problems)"
fi
# TCP Syncookies
echo -n "Checking IP SynCookies..."
if [ -e /proc/sys/net/ipv4/tcp_syncookies ] ; then
echo 1 > /proc/sys/net/ipv4/tcp_syncookies
echo "enabled."
else
echo "support not found, but that's OK."
fi
###############################################
# Ruleset ###############################################
# Default Policies
echo "Building default policies and tables"
$IPT -P INPUT DROP
$IPT -P OUTPUT DROP
$IPT -P FORWARD DROP
# Bad TCP packets chain
$IPT -N bad_tcp_packets
# Bad ports and droplog chain
$IPT -N bad_ports
$IPT -N drop_log
# ICMP, TCP and UDP chains
$IPT -N allowed
$IPT -N icmp_packets
$IPT -N tcp_packets
$IPT -N udp_packets
# bad_tcp_packets chain
# :logs then drops bad tcp packets
echo "Building the bad_tcp_packets chain"
$IPT -A bad_tcp_packets -p tcp ! --syn -m state --state NEW -j LOG --log-prefix "New not syn:"
$IPT -A bad_tcp_packets -p tcp ! --syn -m state --state NEW -j DROP
# drop_log chain
# :logs then drops packets that were sent from bad_ports chain
echo "Building the drop_log chain"
$IPT -A drop_log -p all -s 0/0 -j LOG --log-prefix "Bad port:"
$IPT -A drop_log -p all -s 0/0 -j DROP
# bad_ports chain
# :forwards ports we want logged to the drop_log chain
echo "Building the bad_ports chain"
$IPT -A bad_ports -p tcp -s 0/0 --destination-port 23 -j drop_log
$IPT -A bad_ports -p tcp -s 0/0 --destination-port 25 -j drop_log
$IPT -A bad_ports -p tcp -s 0/0 --destination-port 50 -j drop_log
$IPT -A bad_ports -p tcp -s 0/0 --destination-port 80 -j drop_log
$IPT -A bad_ports -p tcp -s 0/0 --destination-port 110 -j drop_log
$IPT -A bad_ports -p tcp -s 0/0 --destination-port 111 -j drop_log
$IPT -A bad_ports -p tcp -s 0/0 --destination-port 137 -j drop_log
$IPT -A bad_ports -p tcp -s 0/0 --destination-port 138 -j drop_log
$IPT -A bad_ports -p tcp -s 0/0 --destination-port 139 -j drop_log
$IPT -A bad_ports -p tcp -s 0/0 --destination-port 389 -j drop_log
$IPT -A bad_ports -p tcp -s 0/0 --destination-port 512 -j drop_log
$IPT -A bad_ports -p tcp -s 0/0 --destination-port 513 -j drop_log
$IPT -A bad_ports -p tcp -s 0/0 --destination-port 514 -j drop_log
$IPT -A bad_ports -p tcp -s 0/0 --destination-port 515 -j drop_log
$IPT -A bad_ports -p tcp -s 0/0 --destination-port 522 -j drop_log
$IPT -A bad_ports -p tcp -s 0/0 --destination-port 664 -j drop_log
$IPT -A bad_ports -p tcp -s 0/0 --destination-port 679 -j drop_log
$IPT -A bad_ports -p tcp -s 0/0 --destination-port 708 -j drop_log
$IPT -A bad_ports -p tcp -s 0/0 --destination-port 1080 -j drop_log
$IPT -A bad_ports -p tcp -s 0/0 --destination-port 1503 -j drop_log
$IPT -A bad_ports -p tcp -s 0/0 --destination-port 2049 -j drop_log
$IPT -A bad_ports -p tcp -s 0/0 --destination-port 2064 -j drop_log
$IPT -A bad_ports -p tcp -s 0/0 --destination-port 3306 -j drop_log
$IPT -A bad_ports -p tcp -s 0/0 --destination-port 3128 -j drop_log
$IPT -A bad_ports -p tcp -s 0/0 --destination-port 7100 -j drop_log
$IPT -A bad_ports -p tcp -s 0/0 --destination-port 12345 -j drop_log
$IPT -A bad_ports -p tcp -s 0/0 --destination-port 12346 -j drop_log
$IPT -A bad_ports -p tcp -s 0/0 --destination-port 31337 -j drop_log
$IPT -A bad_ports -p udp -s 0/0 --destination-port 137 -j drop_log
$IPT -A bad_ports -p udp -s 0/0 --destination-port 139 -j drop_log
# allowed chain
echo "Building the allowed chain"
$IPT -A allowed -p TCP --syn -j ACCEPT
$IPT -A allowed -p TCP -m state --state ESTABLISHED,RELATED -j ACCEPT
$IPT -A allowed -p TCP -j DROP
$IPT -A allowed -p UDP -m state --state ESTABLISHED,RELATED -j ACCEPT
# tcp_packets chain
echo "Building the tcp_packets chain"
$IPT -A tcp_packets -p TCP -s 0/0 --dport 666 -j LOG --log-prefix "SSH connection from:"
$IPT -A tcp_packets -p TCP -s 0/0 --dport 666 -j allowed
$IPT -A tcp_packets -p TCP -s 127.0.0.1 --dport 6000 -j allowed
$IPT -A tcp_packets -p TCP -s $INET_IP --dport 6000 -j allowed
# udp_packets chain
echo "Building the udp_packets chain"
$IPT -A udp_packets -p UDP -s 0/0 --sport 67 -d 255.255.255.255 --dport 68 -j ACCEPT
# icmp_packets
echo "Building the icmp_packets chain"
$IPT -A icmp_packets -p ICMP -s 0/0 --icmp-type 8 -j DROP #block pings
$IPT -A icmp_packets -p ICMP -s 0/0 --icmp-type 11 -j ACCEPT
# INPUT chain
echo "INPUT chain..."
# Bad TCP packets we don't want.
echo "Bad TCP packets we dont want"
$IPT -A INPUT -p tcp -j bad_tcp_packets
# Block bad ports
echo "Block bad ports"
if [ $BLOCK_BAD_PORTS == "yes" ]; then
$IPT -A INPUT -p ALL -i $INET_IFACE -j bad_ports
fi
# Rules for localhost & intranet
echo "Setting rules for localhost & intranet"
$IPT -A INPUT -p ALL -i $LAN_IFACE -s $LAN_IP_RANGE -j ACCEPT
$IPT -A INPUT -p ALL -i $LO_IFACE -j ACCEPT
$IPT -A INPUT -p ALL -i $LO_IFACE -s $LO_IP -j ACCEPT
$IPT -A INPUT -p ALL -i $LO_IFACE -s $LAN_IP -j ACCEPT
$IPT -A INPUT -p ALL -i $LO_IFACE -s $INET_IP -j ACCEPT
$IPT -A INPUT -p ALL -i $LAN_IFACE -d $LAN_BCAST_ADDR -j ACCEPT
# Rules for incoming packets from the internet.
echo "Setting rules for incoming packets from the internet"
$IPT -A INPUT -p ALL -i $INET_IFACE -m state --state ESTABLISHED,RELATED -j ACCEPT
$IPT -A INPUT -p TCP -i $INET_IFACE -j tcp_packets
$IPT -A INPUT -p UDP -i $INET_IFACE -j udp_packets
$IPT -A INPUT -p ICMP -i $INET_IFACE -j icmp_packets
# Log weird packets that don't match the above.
echo "Logging weird packets that dont match any rules"
$IPT -A INPUT -m limit --limit 3/minute --limit-burst 3 -j LOG --log-level DEBUG --log-prefix "IPT INPUT packet died: "
# FORWARD chain
echo "FORWARD chain..."
# Bad TCP packets we don't want
echo "Bad TCP packets we dont want"
$IPT -A FORWARD -p tcp -j bad_tcp_packets
# Block bad ports
echo "Blocking bad ports"
if [ $BLOCK_BAD_PORTS == "yes" ]; then
$IPT -A FORWARD -p ALL -s ! $LAN_IP_RANGE -d $LAN_IP_RANGE -j bad_ports
fi
# Accept the packets we actually want to forward
echo "Accept the packets we want to forward"
$IPT -A FORWARD -i $LAN_IFACE -j ACCEPT
$IPT -A FORWARD -m state --state ESTABLISHED,RELATED -j ACCEPT
$IPT -A FORWARD -s $LAN_IP_RANGE -j ACCEPT
$IPT -A FORWARD -d $LAN_IP_RANGE -j ACCEPT
# Log weird packets that don't match the above.
echo "Logging weird packets that dont match the above"
$IPT -A FORWARD -m limit --limit 3/minute --limit-burst 3 -j LOG --log-level DEBUG --log-prefix "IPT FORWARD packet died:"
# OUTPUT chain
echo "OUTPUT chain..."
# Bad TCP packets we don't want.
echo "Bad TCP packets we dont want"
$IPT -A OUTPUT -p tcp -j bad_tcp_packets
# Special OUTPUT rules to decide which IP's to allow.
echo "Special rules to decide which IP's to allow"
$IPT -A OUTPUT -p ALL -s $LO_IP -j ACCEPT
$IPT -A OUTPUT -p ALL -s $LAN_IP -j ACCEPT
$IPT -A OUTPUT -p ALL -o $INET_IFACE -j ACCEPT
$IPT -A OUTPUT -p ALL -s $INET_IP -j ACCEPT
# Log weird packets that don't match the above.
echo "Log weird packets that dont match rules"
$IPT -A OUTPUT -m limit --limit 3/minute --limit-burst 3 -j LOG --log-level DEBUG --log-prefix "IPT OUTPUT packet died"
####################################################################
#
# NAT table
#
echo "NAT POSTROUTING chain..."
# POSTROUTING chain
# Enable IP Masquerading
$IPT -t nat -A POSTROUTING -o $INET_IFACE -j MASQUERADE
echo "Enabling Masq"
echo "Done."
|
keep in mind that the ping drop rule isnt enabled when i test the networking, as it might obviously cause problems when..err...pinging 
ps: yeah i know that badports thing is a bit long, ill turn it into a simple var with the ports i want logged and just use a 'for'...
and with that set of rules, which networking "protocol" should i exactly tell vmware to use? im not sure between host-only and nat...(both arent working but itd be nice to be sure:p |
|
| Back to top |
|
|
waverider202
Tux's lil' helper
Joined: 25 Sep 2002
Posts: 146
Location: Drexel University
|
| Posted: Mon Dec 02, 2002 3:51 pm Post subject: Lan interface |
|
|
Both your inet and lan interface are set to eth0. That can do some really screwy things. Your lan interface should be vmnet8. Plug that in then try.
_________________
|
|
| Back to top |
|
|
Lockup
Guru
Joined: 25 Jul 2002
Posts: 430
|
| Posted: Mon Dec 02, 2002 3:53 pm Post subject: |
|
|
hmm ill try when i get home i guess(at college atm...urgh...10 hours of class:(
so i just change this one to vmnet8, nothing else?
id change it right away but apparantly i either lost connection or power at home, cause i cant ssh in
actually, when i get home, ill paste an ifconfig over, and a screenie of my windows network setup heh...so... host-only, bridged, or nat? still confused |
|
| Back to top |
|
|
waverider202
Tux's lil' helper
Joined: 25 Sep 2002
Posts: 146
Location: Drexel University
|
| Posted: Mon Dec 02, 2002 4:02 pm Post subject: Nat |
|
|
you'll be using NAT.
_________________
|
|
| Back to top |
|
|
Furtim
n00b
Joined: 01 Dec 2002
Posts: 65
|
| Posted: Mon Dec 02, 2002 6:44 pm Post subject: |
|
|
your setup will work if you change your LAN_IFACE to vmnet1 or vmnet8
what ever you have
Just set my machine up like yours and it worked
normally i don't have hostonly ( prefer samba share ) as i have an internal
network as well
waverider i thought you had the wrong iface till i set this up and found i could
do the same on both |
|
| Back to top |
|
|
waverider202
Tux's lil' helper
Joined: 25 Sep 2002
Posts: 146
Location: Drexel University
|
| Posted: Mon Dec 02, 2002 7:38 pm Post subject: vmnet1 or 8 |
|
|
vmnet8 was my guess, if that didn't work I was gonna say use vmnet1 
lol
_________________
|
|
| Back to top |
|
|
Lockup
Guru
Joined: 25 Jul 2002
Posts: 430
|
| Posted: Mon Dec 02, 2002 10:40 pm Post subject: |
|
|
well nat is vmnet8....hostonly is vmnet1, and bridged is err nothing 
just got home gonna try the script...once again
edit: hrm...just enabled NAT with vmware-config.pl and now theres no vmnet in ifconfig *rolleyes* this is really starting to annoy me
edit2: ah it just popped up...heh....right time to try |
|
| Back to top |
|
|
Lockup
Guru
Joined: 25 Jul 2002
Posts: 430
|
| Posted: Mon Dec 02, 2002 11:51 pm Post subject: |
|
|
heres my ifconfig
| Code: |
eth0 Link encap:Ethernet HWaddr 00:50:DA:11:31:8C
inet addr:24.202.24.171 Bcast:255.255.255.255 Mask:255.255.255.0
UP BROADCAST NOTRAILERS RUNNING MTU:1500 Metric:1
RX packets:826455 errors:0 dropped:0 overruns:0 frame:0
TX packets:349441 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:100
RX bytes:249251445 (237.7 Mb) TX bytes:36894162 (35.1 Mb)
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
UP LOOPBACK RUNNING MTU:16436 Metric:1
RX packets:98430 errors:0 dropped:0 overruns:0 frame:0
TX packets:98430 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:5337136 (5.0 Mb) TX bytes:5337136 (5.0 Mb)
vmnet8 Link encap:Ethernet HWaddr 00:50:56:C0:00:08
inet addr:192.168.177.1 Bcast:192.168.177.255 Mask:255.255.255.0
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:77 errors:0 dropped:0 overruns:0 frame:0
TX packets:18 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:100
RX bytes:0 (0.0 b) TX bytes:0 (0.0 b)
|
and heres a strange part of my log when i tried to ping 192.168.177.1...the weird thing is, pinging 192.168.177.2 works, but i dont see that ip mentioned anywhere...
| Code: |
Dec 2 18:09:54 Beast IPT INPUT packet died: IN=vmnet8 OUT= MAC=00:50:56:c0:00:08:00:50:56:40:00:5e:08:00 SRC=192.168.177.5 DST=192.168.177.1 LEN=60 TOS=0x00 PREC=0x00 TTL=128 ID=102 PROTO=ICMP TYPE=8 CODE=0 ID=1024 SEQ=8448
Dec 2 18:09:55 Beast IPT INPUT packet died: IN=vmnet8 OUT= MAC=00:50:56:c0:00:08:00:50:56:40:00:5e:08:00 SRC=192.168.177.5 DST=192.168.177.1 LEN=60 TOS=0x00 PREC=0x00 TTL=128 ID=103 PROTO=ICMP TYPE=8 CODE=0 ID=1024 SEQ=8704
Dec 2 18:09:57 Beast IPT INPUT packet died: IN=vmnet8 OUT= MAC=00:50:56:c0:00:08:00:50:56:40:00:5e:08:00 SRC=192.168.177.5 DST=192.168.177.1 LEN=60 TOS=0x00 PREC=0x00 TTL=128 ID=104 PROTO=ICMP TYPE=8 CODE=0 ID=1024 SEQ=8960
Dec 2 18:11:30 Beast IPT INPUT packet died: IN=vmnet8 OUT= MAC=ff:ff:ff:ff:ff:ff:00:50:56:40:00:5e:08:00 SRC=192.168.177.5 DST=192.168.177.255 LEN=78 TOS=0x00 PREC=0x00 TTL=128 ID=122 PROTO=UDP SPT=137 DPT=137 LEN=58
Dec 2 18:11:30 Beast IPT INPUT packet died: IN=vmnet8 OUT= MAC=ff:ff:ff:ff:ff:ff:00:50:56:40:00:5e:08:00 SRC=192.168.177.5 DST=192.168.177.255 LEN=78 TOS=0x00 PREC=0x00 TTL=128 ID=123 PROTO=UDP SPT=137 DPT=137 LEN=58
Dec 2 18:11:31 Beast IPT INPUT packet died: IN=vmnet8 OUT= MAC=ff:ff:ff:ff:ff:ff:00:50:56:40:00:5e:08:00 SRC=192.168.177.5 DST=192.168.177.255 LEN=78 TOS=0x00 PREC=0x00 TTL=128 ID=124 PROTO=UDP SPT=137 DPT=137 LEN=58
Dec 2 18:11:30 Beast IPT INPUT packet died: IN=vmnet8 OUT= MAC=ff:ff:ff:ff:ff:ff:00:50:56:40:00:5e:08:00 SRC=192.168.177.5 DST=192.168.177.255 LEN=78 TOS=0x00 PREC=0x00 TTL=128 ID=123 PROTO=UDP SPT=137 DPT=137 LEN=58
|
and here is the link to the screenshot of my windows setup, if you need anything translated(old french cd version:P, just gimme a shout:)
http://membres.lycos.fr/freezer666/vmware.jpg |
|
| Back to top |
|
|
Furtim
n00b
Joined: 01 Dec 2002
Posts: 65
|
| Posted: Tue Dec 03, 2002 1:23 am Post subject: |
|
|
ok your firewall script is set to 192.168.0.1
your win2k is set to 192.168.177.5
you must set your firewall script to match your win2k 192.168.177.5 |
|
| Back to top |
|
|
Lockup
Guru
Joined: 25 Jul 2002
Posts: 430
|
| Posted: Tue Dec 03, 2002 1:36 am Post subject: |
|
|
k lets see....gonna edit this when im done trying
edit: still no luck...whats strange is i cant ping 192.168.177.1, but can ping .2...wtf? |
|
| Back to top |
|
|
Furtim
n00b
Joined: 01 Dec 2002
Posts: 65
|
| Posted: Tue Dec 03, 2002 1:50 am Post subject: |
|
|
Lockup you can ping because it's the same card bridged 
I tested your setup on my box and it worked ok
If you read my earier post you would have seen |
|
| Back to top |
|
|
Lockup
Guru
Joined: 25 Jul 2002
Posts: 430
|
| Posted: Tue Dec 03, 2002 1:55 am Post subject: |
|
|
| hm well then what could be wrong? getting desperate here :\ |
|
| Back to top |
|
|
Furtim
n00b
Joined: 01 Dec 2002
Posts: 65
|
| Posted: Tue Dec 03, 2002 2:00 am Post subject: |
|
|
Just noticed your default gateway on your win2k
change it to your Gentoo ip ( you are not routeing anything )
just stuck in your vmware box |
|
| Back to top |
|
|
Lockup
Guru
Joined: 25 Jul 2002
Posts: 430
|
| Posted: Tue Dec 03, 2002 2:03 am Post subject: |
|
|
you mean my 'real' ip?
just tried with 24.202.24.171, and i STILL can only ping the usual crap(same as above) |
|
| Back to top |
|
|
Furtim
n00b
Joined: 01 Dec 2002
Posts: 65
|
| Posted: Tue Dec 03, 2002 2:07 am Post subject: |
|
|
Yeah 24.202.24.171
bad if it's dynamic though |
|
| Back to top |
|
|
Lockup
Guru
Joined: 25 Jul 2002
Posts: 430
|
| Posted: Tue Dec 03, 2002 2:08 am Post subject: |
|
|
| yeah its dynamic thats one of the main probs i guess....but for now it still doesnt work so dynamic or not doesnt change much =p |
|
| Back to top |
|
|
Furtim
n00b
Joined: 01 Dec 2002
Posts: 65
|
| Posted: Tue Dec 03, 2002 2:17 am Post subject: |
|
|
go do a vmware-cofig.pl
enable networking and no hostonly
check your settings again
Get it working that way first
You can back up your /etc/vmware ( for quick revert ) |
|
| Back to top |
|
|
Lockup
Guru
Joined: 25 Jul 2002
Posts: 430
|
| Posted: Tue Dec 03, 2002 2:19 am Post subject: |
|
|
hmm i just found out theres a file in /etc/vmware/vmnet8/nat called nat.conf....hmm and it has a few settings that look like i should change them *scratch*
| Code: |
# Linux NAT configuration file
[host]
# NAT gateway address
ip = 192.168.177.2
netmask = 255.255.255.0
# or ip = 192.168.177.2/24
# enable configuration; disabled by default for security reasons
#configport = 33445
# VMnet device if not specified on command line
device = /dev/vmnet8
# Allow PORT/EPRT FTP commands (they need incoming TCP stream...)
activeFTP = 1
# Allows the source to have any OUI. Turn this one if you change the OUI
# in the MAC address of your virtual machines.
#allowAnyOUI = 1
[udp]
# Timeout in seconds, 0 = no timeout, default = 60; real value might
# be up to 100% longer
timeout = 60
[incomingtcp]
# Use these with care - anyone can enter into your VM through these...
# FTP (both active and passive FTP is always enabled)
# ftp localhost 8887
#8887 = 192.168.177.128:21
# WEB (make sure that if you are using named webhosting, names point to
# your host, not to guest... And if you are forwarding port other
# than 80 make sure that your server copes with mismatched port
# number in Host: header)
# lynx http://localhost:8888
#8888 = 192.168.177.128:80
# SSH
# ssh -p 8889 root@localhost
#8889 = 192.168.177.128:22
[incomingudp]
# UDP port forwarding example
#6000 = 192.168.177.128:6001
|
|
|
| Back to top |
|
|
Furtim
n00b
Joined: 01 Dec 2002
Posts: 65
|
| Posted: Tue Dec 03, 2002 2:28 am Post subject: |
|
|
Your route table tells you what you need to know
ext_ip .... lan_ip ( then setup you firewall script to match
did you change your firewall setting ?
LAN_IP="192.168.0.1"
LAN_IP_RANGE="192.168.0.0/24"
LAN_BCAST_ADDR="192.168.0.255
to match you you win2k |
|
| Back to top |
|
|
Lockup
Guru
Joined: 25 Jul 2002
Posts: 430
|
| Posted: Tue Dec 03, 2002 2:31 am Post subject: |
|
|
# LAN Configuration
LAN_IFACE="vmnet8"
LAN_IP="192.168.0.5"
LAN_IP_RANGE="192.168.0.0/24"
LAN_BCAST_ADDR="192.168.0.255" |
|
| Back to top |
|
|
Furtim
n00b
Joined: 01 Dec 2002
Posts: 65
|
| Posted: Tue Dec 03, 2002 2:36 am Post subject: |
|
|
is that your firewall settings ?
if it is you have not set them to match your win2k
should be ( firewall script )
LAN_IP="192.168.177.5"
LAN_IP_RANGE="192.168.177.0/24"
LAN_BCAST_ADDR="192.168.177.255"
win2k
ip = 192.168.177.5
subnet = 255.255.255.0
default gateway = 24.202.24.171 |
|
| Back to top |
|
|
Lockup
Guru
Joined: 25 Jul 2002
Posts: 430
|
| Posted: Tue Dec 03, 2002 3:00 am Post subject: |
|
|
| still not working... *twitches uncontrollably* |
|
| Back to top |
|
|
waverider202
Tux's lil' helper
Joined: 25 Sep 2002
Posts: 146
Location: Drexel University
|
| Posted: Tue Dec 03, 2002 3:09 am Post subject: default gateway |
|
|
shouldn't the defualt gateway be the internal ip. it should be 192.168.177.1. cause, the win2k machine doesn't know about anything else, but the internal lan. If, without the firewall, you can't ping the gentoo box's internal lan ip, then something else is wrong
_________________
|
|
| Back to top |
|
|
|
Networking & Security
